The Personal Information Protection and Electronic Documents Act (abbreviated PIPEDA or PIPED Act) is a Canadian law relating to data privacy. It governs how private-sector organizations collect, use and disclose personal information in the course of commercial business. In addition, the Act contains various provisions to facilitate the use of electronic documents. PIPEDA was passed in the late 1990s to promote consumer trust in electronic commerce. The act was also intended to reassure the European Union that the Canadian privacy law was adequate to protect the personal information of European citizens.

The principles set out in the National Standard of Canada entitled model code for the protection of personal information are as follows;

Accountability

Identifying Purposes

Consent

Limiting Collection

Limiting Use, Disclosure and Retention

Accuracy

Safeguards

Openness

Individual Access

Challenging Compliance

Major publications

The Personal Information Protection and Electronic Documents Act of 2000, can be found at the following link.

Compliance

Canadian law requires organizations to

obtain consent when they collect, use or disclose their personal information;

supply an individual with a product or a service even if they refuse consent for the collection, use or disclosure of your personal information unless that information is essential to the transaction;

collect information by fair and lawful means; and

have personal information policies that are clear, understandable and readily available.